CVE-2014-2276

Name of the Vulnerable Software and Affected Versions EMC Connectrix Manager Converged Network Edition versions prior to 12.1.5

Description The issue concerns the FileUploadController servlet, which does not properly restrict additions to the Connectrix Manager repository. This allows remote attackers to obtain sensitive information by importing a crafted firmware file.

Recommendations For versions prior to 12.1.5, update to version 12.1.5 or later to resolve the issue. As a temporary workaround, consider restricting access to the FileUploadController servlet to minimize the risk of exploitation.